[JCR-3036] WebDAV/DaveX Servlets susceptible to CSRF Attacks - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.2.7
Fix Version/s: 2.2.8
Component/s: jackrabbit-jcr-server, jackrabbit-webapp, jackrabbit-webdav
Labels:
- davex
- jackrabbit
- security
- webdav

Description

Both the WebDAV and the remoting (DaveX) servlets are susceptible to CSRF attacks.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

jackrabbit-webdav-csrf-patch.txt
28/Jul/11 10:29
12 kB
Lars Krapf

Activity

People

Assignee:: Angela Schreiber

Reporter:: Lars Krapf

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 28/Jul/11 10:27

Updated:: 29/Aug/16 13:06

Resolved:: 29/Jul/11 15:17